<?php 
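session_start();
define('NEED_PERMISSION','NONEEDLOGIN');
define('NO_HEADER_INFO',true);
include_once('../_init_.php');
include_once(constant('PATH_INCLUDE').'/class.validatecode.php');

/*
 * Admin sign-in handler.
 *
 * When the request carries action=signin this block:
 *   1. requires non-empty string username / password / verification code,
 *   2. checks the verification code BEFORE looking the account up, so a wrong
 *      code gives the same answer whether or not the username exists,
 *   3. loads the active admin row and compares the MD5 of the password,
 *   4. on any password mismatch records the failed attempt and ALWAYS rejects,
 *   5. on success rotates the session id, stores the admin identity in the
 *      session, saves last-login time/IP and redirects to index.php.
 *
 * Any failure message is left in $errorMessage for the template below.
 *
 * Review notes on the previous revision of this block:
 *   - A wrong password submitted after the failed-attempt counter had passed
 *     MAX_ADMIN_TRY_SIGNIN_TIMES, together with a correct verification code,
 *     threw nothing and fell through to the success path. Step 4 closes that.
 *   - The verification code was checked after the account lookup, which let a
 *     caller tell existing usernames from unknown ones by the error text.
 *   - Hashes were compared with a loose "!=" and the redirect on success was
 *     not followed by exit().
 */
$errorMessage = '';
$adminDT = new DataTable(constant('DB_TABLE_ADMIN'));
// The verification code is mandatory on every attempt. The previous revision
// first derived this flag from the "showvalidcode" request parameter and then
// overwrote it with true; only the effective value is kept.
$needValidCode = true;
$act = isset($_REQUEST['action'])?$_REQUEST['action']:'';
if($act === 'signin')
{
	try
	{
		// NOTE(review): $_REQUEST also accepts these fields from the query string
		// (and, depending on request_order, cookies), so credentials can end up in
		// URLs and access logs. The form posts them; consider reading $_POST only.
		$username = isset($_REQUEST['username']) ? $_REQUEST['username'] : '';
		$password = isset($_REQUEST['password']) ? $_REQUEST['password'] : '';
		$validateCode = isset($_REQUEST['validatecode']) ? $_REQUEST['validatecode'] : '';

		// Array-valued parameters (username[]=x) are treated as missing instead of
		// being passed on to the escaping and hashing functions.
		if(!is_string($username) || empty($username))
			throw new Exception('請輸入用戶名');
		if(!is_string($password) || empty($password))
			throw new Exception('請輸入密碼');

		if($needValidCode)
		{
			if(!is_string($validateCode) || empty($validateCode))
				throw new Exception('請輸入您的驗證碼！');
			$codeIsCorrect = ValidateCode::isAdminSigninCodeCorrect($validateCode);
			// Make the code single-use so one solved code cannot back a series of
			// password guesses. Presumably the code lives under this session key and
			// validatecode.php issues a new one with each image request - TODO confirm.
			SessionUtil::removeVar(constant('SESSION_KEY_ADMIN_SIGN_VALIDATE_CODE'));
			if(!$codeIsCorrect)
				throw new Exception('驗證碼不正確！');
		}

		// NOTE(review): mysql_real_escape_string() belongs to the removed ext/mysql
		// and is only safe when the connection charset is set correctly; a
		// parameterised lookup would be preferable if DataTable offers one.
		$condition = sprintf("`login_user`='%s' AND `active`='Y'",mysql_real_escape_string($username));
		$adminData = $adminDT->get_row($condition);
		if(empty($adminData))
		{
			throw new Exception('對不起，您輸入的用護名稱或密碼錯誤!');
		}

		// NOTE(review): passwords are stored as unsalted MD5, which is unsuitable for
		// password storage. Moving to password_hash()/password_verify() needs a data
		// migration and is outside this block.
		$storedHash = (string)$adminData['login_password'];
		$suppliedHash = md5($password);
		// Strict / constant-time comparison: a loose "!=" treats two different
		// "0e<digits>" hashes as equal numbers.
		if(function_exists('hash_equals'))
			$passwordMatches = hash_equals($storedHash, $suppliedHash);
		else
			$passwordMatches = ($storedHash === $suppliedHash);

		if(!$passwordMatches)
		{
			$counterKey = 'MAX_ADMIN_TRY_SIGNIN_TIMES_'.$adminData['id'];
			$failedAttempts = intval(Util::getGlobalValue($counterKey));
			// As before, the counter stops growing once it has passed the limit.
			if($failedAttempts <= constant('MAX_ADMIN_TRY_SIGNIN_TIMES'))
			{
				$failedAttempts++;
				Util::setGlobalValue($counterKey,$failedAttempts);
			}
			// NOTE(review): nothing here slows down or locks out further attempts
			// once the limit is passed; the verification code is the only hurdle.
			// Consider a delay or temporary lock keyed on this counter.
			throw new Exception('對不起，您輸入的用護名稱或密碼錯誤!');
		}

		Util::deleteGlobalValue('MAX_ADMIN_TRY_SIGNIN_TIMES_'.$adminData['id']);
		SessionUtil::removeVar(constant('SESSION_KEY_ADMIN_SIGN_VALIDATE_CODE'));

		// Issue a fresh session id at the privilege change so an id that was known
		// before sign-in does not become an authenticated one.
		session_regenerate_id(true);

		SessionUtil::setVar(constant('SESSION_KEY_ADMIN_ID'),$adminData['id']);
		SessionUtil::setVar(constant('SESSION_KEY_ADMIN_NAME'),$adminData['login_user']);

		// Update the admin's last login information.
		$last_login_info = array();
		$last_login_info['id'] = $adminData['id'];
		$last_login_info['ll_time'] = date('Y-m-d H:i:s');
		$last_login_info['ll_ip'] = Util::getRemoteIP();
		$adminDT->save($last_login_info);
		ob_clean();
		header('Location:index.php');
		// Stop here so the sign-in form is not rendered behind the redirect.
		exit();
	}
	catch(Exception $e)
	{
		$errorMessage = $e->getMessage();
	}
}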
?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>管理員登入</title>
<style type="text/css">
<!--
BODY
{
	FONT-FAMILY: "宋体";
	FONT-SIZE: 9pt;
	text-decoration: none;
	line-height: 150%;
	background-color: #FBFDFF;
	FONT-SIZE: 9pt;background:#A5D269;
text-decoration: none;
SCROLLBAR-FACE-COLOR: #C6EBDE;
SCROLLBAR-HIGHLIGHT-COLOR: #A5D269; SCROLLBAR-SHADOW-COLOR: #39867B; SCROLLBAR-3DLIGHT-COLOR: #39867B; SCROLLBAR-ARROW-COLOR: #330000; SCROLLBAR-TRACK-COLOR: #E2F3F1; SCROLLBAR-DARKSHADOW-COLOR: #A5D269;
}
TD{	FONT-FAMILY: "宋体";	FONT-SIZE: 9pt;}
Input{	FONT-SIZE: 9pt;	HEIGHT: 20px;}
Button{	FONT-SIZE: 9pt;	HEIGHT: 20px; }
Select{	FONT-SIZE: 9pt;	HEIGHT: 20px;}
A{	TEXT-DECORATION: none;	color: #000000;}
A:hover{	COLOR: #428EFF;	text-decoration: underline;}
.title{	background:url(Images/topBar_bg.gif);}
.border{	border: 1px solid #39867B;}
.tdbg{	background:#E1F4EE;	line-height: 120%;}
.topbg{	background:url(Images/topbg.gif);	color: #A5D269;}
.bgcolor {	background-color: #91BCE3;}
-->
</style>
<script language=javascript>

// Client-side pre-submit check for the Login form (wired up through the form's
// onSubmit handler). Returns false, which cancels the submit, when a required
// field is empty; otherwise it falls off the end and returns undefined, which
// lets the submit proceed.
// This is a convenience only: it can be bypassed by posting directly, and the
// server-side sign-in handler at the top of this page repeats the empty-field
// checks.
function CheckForm()
{
	// Username must not be empty.
	if(document.Login.username.value=="")
	{
		alert("請輸入用戶名！");
		document.Login.username.focus();
		return false;
	}
	// Password must not be empty.
	if(document.Login.password.value == "")
	{
		alert("請輸入密碼！");
		document.Login.password.focus();
		return false;
	}
	// The verification-code check below is emitted by the server only when
	// $needValidCode is true, i.e. when the form actually has that field.
	<?php if($needValidCode):?>
	if (document.Login.validatecode.value==""){
       alert ("請輸入您的驗證碼！");
       document.Login.validatecode.focus();
       return(false);
    }
    <?php endif;?>
}



//-->
</script>
</head>
<body class="bgcolor">
<p>&nbsp;</p>
<center>
<table border=1 borderColor=#6699CC cellPadding=4 cellSpacing=1 width=450 style="border-collapse: collapse" align=center >
	<tr valign="baseline"> 
		<td align="right" background=image/b1.gif>
        <div align="center"><font color="#000000" style="font-size: 10.5pt;"> 
          
    <STRONG>網站管理系統</STRONG></font></div>
      </td>
	</tr>
	<tr valign="baseline"> 
		<td bgcolor=#EFF1F3 align=center valign=middle height=60> 
			<table width="103%" height="180" border="0" cellpadding="0" cellspacing="0">
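				<?php /* Show the sign-in error, if any. The text is whatever Exception::getMessage()
				         returned in the handler above, which can include messages raised inside
				         DataTable/Util calls (not visible here), so it is HTML-encoded for output. */ ?>
				<?php if($errorMessage):?>
				<tr>
					<td colspan="10"><font color="red"><?php echo htmlspecialchars($errorMessage, ENT_QUOTES, 'UTF-8');?></font></td>
				</tr>
				<?php endif;?>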
				<tr>
					<td width=18> </td>
					
            <td width=133>
              <div align="center"><img alt="" src="images/admin_p.gif" width="90" height="100" border="0">              </div>
            </td>
					<td width=285>
<form name="Login" action="" method="post" target="_parent" onSubmit="return CheckForm();">
	<input type="hidden" name="action" value="signin"/>
	<table width="100%" border="0" cellspacing="8" cellpadding="0" align="center">
		<tr align="center"> 
			<td height="38" colspan="2"><font color="#000000" size="3"><strong>管理員登入</strong></font></td>
		</tr>
		<tr> 
			<td align="right"><font color="#000000">用戶名稱：</font></td>
			<td><input name="username"  type="text"  id="username" maxlength="20" style="width:160px;border-style:solid;border-width:1;padding-left:4;padding-right:4;padding-top:1;padding-bottom:1" onMouseOver="this.style.background='#FDE8FE';" onMouseOut="this.style.background='#A5D269'" onFocus="this.select(); "></td>
		</tr>
		<tr> 
			<td align="right"><font color="#000000">用戶密碼：</font></td>
			<td><input name="password"  type="password" maxlength="20" style="width:160px;border-style:solid;border-width:1;padding-left:4;padding-right:4;padding-top:1;padding-bottom:1" onMouseOver="this.style.background='#FDE8FE';" onMouseOut="this.style.background='#A5D269'" onFocus="this.select(); "></td>
		</tr>
		
		<?php if($needValidCode):?>
		<tr> 
			<td align="right"><font color="#000000">驗 證 碼：</font></td>
			<td><input name="validatecode" size="6" maxlength="4" style="border-style:solid;border-width:1;padding-left:4;padding-right:4;padding-top:1;padding-bottom:1" onMouseOver="this.style.background='#FDE8FE';" onMouseOut="this.style.background='#A5D269'" onFocus="this.select(); ">
				<font color="#FF0000">請在左邊輸入</font>         
				<img src="validatecode.php"/>
			</td>
            
		</tr>
		<?php endif;?>
		<tr> 
			<td colspan="2"> <div align="center"> &nbsp;&nbsp;&nbsp;&nbsp;
				<input   type="submit" name="submit" value=" 確&nbsp;認 " style="font-size: 9pt; height: 19; width: 60; color: #000000; background-color: #FFCCFF; border: 1 solid #336600" onMouseOver ="this.style.backgroundColor='#A5D269'" onMouseOut ="this.style.backgroundColor='#FFCCFF'">
				&nbsp; 
				<input name="reset" type="reset"  id="reset" value=" 清&nbsp;除 " style="font-size: 9pt; height: 19; width: 60; color: #000000; background-color: #FFCCFF; border: 1 solid #336600" onMouseOver ="this.style.backgroundColor='#A5D269'" onMouseOut ="this.style.backgroundColor='#FFCCFF'"><br>
				</div></td>
		</tr>
	</table>
</form>
				  </td>
				</tr>
		  </table>
		</td>
	</tr>
</table>
  <br>
</center>

</body>
</html>
